Vestas: majority of IT systems restored after ransomware attack

Vestas likely suffered a ransomware attack on 19 November, but almost all of its IT systems are now up and running again, the world’s largest wind turbine maker said.

In an update, the company said that since the cyber security incident was discovered 19 November 2021, Vestas and its external partners have worked around the clock to re-establish normal operations:

“Having conducted extensive investigations, forensics, restoration activities and hardening of our IT systems and IT infrastructure, we are pleased to announce that almost all systems are up and running.”

Henrik Andersen, president and CEO, added: “We have been through some tough days since we discovered the cyber incident, and executive management and the board of directors are thus very pleased that the incident didn’t impact wind turbine operations and almost all of our IT systems are running again.”

“There is still a lot of work ahead of us to and we must remain extremely diligent towards cyber threats. I would already now like to take this opportunity to thank our customers, employees and external partners for their understanding and extraordinary support in these challenging circumstances.”

Although Vestas is close to normal operations, the work and investigations are still ongoing, the company said.

Vestas maintains there is no indication that the event has impacted customer and supply chain operations, which it said is supported by the forensics investigation carried out with the assistance of third-party experts.

It added that the cyber incident, which its investigations indicate was ransomware, impacted Vestas’ internal systems and resulted in data being compromised. The extent to which data has been compromised is still being investigated, but for now it appears that the data foremost relates to Vestas’ internal matters.

Follow us on twitter: @risksEmerging

Twitter feed is not available at the moment.